Bluebox-ng - A pentesting framework built on Node.js, focused on VoIP.
DISCLAIMER: Pointing this tool at other people's servers is NOT legal in most countries.
* Auto VoIP/UC penetration test
* Report generation
* Performance
* RFC compliant
* SIP TLS and IPv6 support
* SIP over websockets (and WSS) support (RFC 7118)
* SHODAN, exploitsearch.net and Google Dorks
* SIP common security tools (scan, extension/password bruteforce, etc.)
* Authentication and extension brute-forcing through different types of SIP requests
* SIP Torture (RFC 4475) partial support
* SIP SQLi check
* SIP denial of service (DoS) testing
* Web management panels discovery
* DNS brute-force, zone transfer, etc.
* Other common protocols brute-force: Asterisk AMI, MySQL, MongoDB, SSH, (S)FTP, HTTP(S), TFTP, LDAP, SNMP
* Some common network tools: whois, ping (also TCP), traceroute, etc.
* Asterisk AMI post-exploitation
* Dumb fuzzing
* Automatic exploit searching (Exploit DB, PacketStorm, Metasploit)
* Automatic vulnerability searching (CVE, OSVDB, NVD)
* Geolocation
* Command completion
* Cross-platform support
Install
1. Install Node.js
2. npm i -g bluebox-ng
Kali GNU/Linux
curl -sL https://raw.githubusercontent.com/jesusprubio/bluebox-ng/master/artifacts/installScripts/kali2.sh | sudo bash -
Use
Console: To start the console client.
bluebox-ng
Programmatically: To run it from other Node code.
const Bluebox = require('bluebox-ng');

const box = new Bluebox();

// Run the geolocation module against the given host; run() returns a promise.
box.run('gather/network/geo', { rhost: '8.8.8.8' })
  .then(res => {
    console.log('Result:');
    console.log(res);
  })
  .catch(err => {
    console.log('Error:');
    console.log(err);
  });
Developer guide
Use GitHub pull requests.
Environment: Get a copy of the code and install the dependencies.
git clone https://github.com/jesusprubio/bluebox-ng
cd bluebox-ng
npm i # or use yarn
Debug: We use the visionmedia debug module, so you have to set this environment variable:
DEBUG=bluebox-ng* npm start
New modules: You can add your own features to this environment by following these tips:
* Add a new file inside /modules and it should appear in the pentesting environment.
* Use the most similar existing module as boilerplate.
Tests
We still don't have a proper Docker setup, so for now the tests have to be run locally. Please check each test's code before running it; they often need a valid target service.
./node_modules/.bin/tap test/wifi
node test/wifi/*
./node_modules/.bin/tap test/wifi/scanAps.js
node test/wifi/scanAps.js
Conventions
* We use ESLint and the Airbnb style guide.
* To be sure your code fits it and the tests keep passing, please run: npm run posttest
Contributors
Thanks to
* Our mentors: @antonroman, @sandrogauci (SIPVicious was our inspiration), @pepeluxx, @markcollier46 ("Hacking VoIP Exposed").
* Quobis, for some hours of work through its personal projects program.
* Kamailio community (@kamailioproject), our favourite SIP Server.
* Tom Steele (@_tomsteele) and the rest of exploitsearch.net team.
* All developers who have written the Node.js modules used in the project.
* All VoIP, free software and security hackers that we read every day.
* Our friend Carlos Pérez, the logo designer.